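0) {
                $returnval = true;
            } else {
                $returnval = false;
            }
        } else {
            printf("Error: %s.\n", mysqli_stmt_error($stmt));
        }

        // Close statement
        mysqli_stmt_close($stmt);
    }
    return $returnval;
}

/*
 * Login form handler.
 *
 * On POST, reads "username" and "password", looks the account up with a
 * prepared statement, checks the password with password_verify() and, on
 * success, fills the session and redirects to index.php.
 *
 * Sets $username_err / $password_err / $login_err for the form below.
 * $link (the mysqli connection), bin_to_uuid() and is_user_admin() are
 * defined outside this section.
 *
 * NOTE(review): no attempt limiting or lockout is visible in this section;
 * confirm that repeated failed logins are throttled elsewhere.
 */

// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = $login_err = "";

// Processing form data when form is submitted
if (($_SERVER["REQUEST_METHOD"] ?? "") === "POST") {
    // A field can be missing or arrive as an array (username[]=x). Anything
    // that is not a string is treated as empty instead of being passed to trim().
    $posted_username = $_POST["username"] ?? "";
    $posted_password = $_POST["password"] ?? "";
    $username = is_string($posted_username) ? trim($posted_username) : "";
    // NOTE(review): the password is trimmed as before so it keeps matching the
    // stored hashes; presumably registration trims too - confirm.
    $password = is_string($posted_password) ? trim($posted_password) : "";

    // Compare with "" rather than empty(): empty("0") is true and would
    // reject a login or password that is literally "0".
    if ($username === "") {
        $username_err = "Prosím zadejte váš login.";
    }
    if ($password === "") {
        $password_err = "Prosím zadejte heslo.";
    }

    // Validate credentials
    if ($username_err === "" && $password_err === "") {
        // Shown for any backend failure; the driver's error text goes to the
        // server log only, never into the response.
        $backend_failure = "Přihlášení se nezdařilo. Zkuste to prosím později.";
        $authenticated = false;

        $sql = "SELECT id, username, password FROM users WHERE username = ?";
        $stmt = mysqli_prepare($link, $sql);

        if ($stmt === false) {
            error_log("login: prepare failed: " . mysqli_error($link));
            $login_err = $backend_failure;
        } else {
            // The value is passed as a bound parameter, never concatenated into the SQL.
            mysqli_stmt_bind_param($stmt, "s", $username);

            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);

                if (mysqli_stmt_num_rows($stmt) == 1) {
                    // Separate variable for the stored name so the submitted
                    // value in $username is not overwritten by the fetch.
                    mysqli_stmt_bind_result($stmt, $id, $db_username, $hashed_password);

                    if (
                        mysqli_stmt_fetch($stmt)
                        && is_string($hashed_password)
                        && password_verify($password, $hashed_password)
                    ) {
                        $authenticated = true;
                    }
                }

                if (!$authenticated) {
                    // One message for "unknown account" and "wrong password":
                    // distinct texts would tell a visitor which logins exist.
                    // NOTE(review): an unknown account still answers faster
                    // than a failed password_verify(); the text alone does not
                    // remove that timing difference.
                    $login_err = "Neplatná přezdívka nebo heslo.";
                }
            } else {
                error_log("login: execute failed: " . mysqli_stmt_error($stmt));
                $login_err = $backend_failure;
            }

            // Close statement
            mysqli_stmt_close($stmt);
        }

        if ($authenticated) {
            if (session_status() !== PHP_SESSION_ACTIVE) {
                session_start();
            }
            // Issue a fresh session ID at the moment of login so that an ID
            // known before authentication cannot be reused (session fixation).
            session_regenerate_id(true);

            // Store data in session variables
            $_SESSION["loggedin"] = true;
            $_SESSION["userid"] = bin_to_uuid($id);
            $_SESSION["username"] = $db_username;
            $_SESSION["is_admin"] = is_user_admin($link, $db_username);

            // Redirect user to welcome page and stop: without exit the rest of
            // this page would still be rendered and sent with the redirect.
            header("location: index.php");
            exit;
        }
    }
}
?>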

Přihlásit se

' . $login_err . ''; } ?>
" method="post">
"; echo "Nepamatujete si svůj login/heslo? Klikněte sem pro obnovení"; } ?>